Centralized controller for distributing network policies of virtual machines in a datacenter

ABSTRACT

A physical computing device that operates in a network. The device includes a group of tenant virtual machines (VMs). Each VM is hosted on a host machine that includes a virtualization software. The device receives network bandwidth allocation policies for the group of VMs. The device determines a set of potential communication peers for each VM. The device sends the network bandwidth allocation policy of each VM to the virtualization software of the host machines of each potential communication peer of the VM.

BACKGROUND

Software defined data centers (SDDCs) virtualize the physical network toprovide isolated virtual networks for respective tenants. In order toachieve this goal, the network resource has to be shared among multipleunrelated tenants. For resources such as computation, memory andstorage, which are allocated locally, there have already been someeffective sharing mechanisms. But for network resource, fair sharing ismore challenging because it is distributed by its nature and involvesmultiple components.

Significant research has addressed the problem of how to share thenetwork in data centers, especially how to share the bandwidth resourcesamong tenants in a fair manner. Some proposed solutions enforce thetraffic control at the edge, while others require control in middlephysical nodes. The software-based edge control is a more feasibledirection, because changes to physical nodes (e.g. switches and routers)are expensive, slow to standardize, and hard to customize once deployed.Existing edge control approaches introduce a scheduler at thehypervisor. The scheduler allocates the bandwidth among entities, whichare typically virtual machines (VMs) or flows identified bysource-destination VM pairs, based on the entities' policies. The policyusually contains bandwidth reservation, share, and limit. With afeedback mechanism, the allocation is changed periodically. However,these approaches calculate the allocations without considering thepeers' weight. All peers are treated equally, and the VM's policy isjust divided equally to them.

BRIEF SUMMARY

Some embodiments utilize a centralized controller to distribute VMnetwork policies. The controller is able to identify all peers that a VMcould potentially communicate with, and pushes their network policies tothe virtualization software (also referred to as hypervisor) on the hostof the VM. The controller also pushes the VM's policy to thevirtualization software on the hosts of the potential peers. The networkpolicy (also referred to as the bandwidth allocation policy or bandwidthsharing policy) of a VM includes the bandwidth reservation, limit, andshare. The reservation is the minimum bandwidth guaranteed to a VM, thelimit is the maximum allowed bandwidth for the VM, and the share is theweight used to calculate the VM's share of spare bandwidth. Subsequentlythe virtualization software uses the policies to calculate bandwidthallocations for both sending and receiving, and hence improve sharingfairness.

The peers usually run on other hosts. To share the bandwidth fairlyamong the VMs, the virtualization software needs to know the networkpolicies of the VMs that communicate with each other. The centralizedcontroller receives the network policies of all VMs in the datacenter.However, distributing every VM policy to every virtualization softwarecould be very time consuming. In a large data center, there could bemillions of VMs and sending all VMs' policies to each hypervisor causesa lot of extra overhead.

However, a VM usually only communicates with a small number of peers.Some embodiments provide a method that for each VM, identifies all otherpeer VMs that can potentially communicate with the VM. The controllerthen sends the policies of the identified peer VM's to thevirtualization software on the host of the VM. The controller also sendsthe VM's policy to the virtualization software of the identified peerVMs.

The preceding Summary is intended to serve as a brief introduction tosome embodiments of the invention. It is not meant to be an introductionor overview of all inventive subject matter disclosed in this document.The Detailed Description that follows and the Drawings that are referredto in the Detailed Description will further describe the embodimentsdescribed in the Summary as well as other embodiments. Accordingly, tounderstand all the embodiments described by this document, a full reviewof the Summary, Detailed Description and the Drawings is needed.Moreover, the claimed subject matters are not to be limited by theillustrative details in the Summary, Detailed Description and theDrawing.

BRIEF DESCRIPTION OF THE DRAWINGS

The novel features of the invention are set forth in the appendedclaims. However, for purposes of explanation, several embodiments of theinvention are set forth in the following figures.

FIG. 1 conceptually illustrates a physical network view in someembodiments of the invention.

FIG. 2 conceptually illustrates a virtual network view in someembodiments of the invention.

FIG. 3 conceptually illustrates competition for sending packets in someembodiments of the invention.

FIG. 4 conceptually illustrates competition for receiving packets insome embodiments of the invention.

FIG. 5 conceptually illustrates a central controller for receiving anddistributing virtual machines network policies in some embodiments ofthe invention.

FIG. 6 conceptually illustrates sending virtual machines' networkpolicies to a central controller in some embodiments of the invention.

FIG. 7 conceptually illustrates a central controller receiving virtualmachines' network policies from hosts' virtualization software in someembodiments of the invention.

FIG. 8 conceptually illustrates a process for on demand sending of peernetwork policies to virtualization software in some embodiments of theinvention.

FIG. 9 conceptually illustrates a process for proactive sending of peernetwork policies to virtualization software in some embodiments of theinvention.

FIG. 10 conceptually illustrates a logical view of a network with avirtual distributed router in some embodiments of the invention.

FIG. 11 conceptually illustrates a process a push model to send networkpolicies to virtualization software in a system with a virtualdistributed router in some embodiments of the invention.

FIG. 12 conceptually illustrates a process for calculating bandwidthreservation for flow between two virtual machines in some embodiments ofthe invention.

FIG. 13 conceptually illustrates a process for calculating bandwidthlimit for flow between two virtual machines in some embodiments of theinvention.

FIG. 14 conceptually illustrates a process for calculating share for theflow between two virtual machines in some embodiments of the invention.

FIG. 15 conceptually illustrates an electronic system with which someembodiments of the invention are implemented.

DETAILED DESCRIPTION

In the following detailed description of the invention, numerousdetails, examples, and embodiments of the invention are set forth anddescribed. However, it will be clear and apparent to one skilled in theart that the invention is not limited to the embodiments set forth andthat the invention may be practiced without some of the specific detailsand examples discussed.

I. Sharing of Network Bandwidth Among VMs

In a datacenter that includes a large number of unrelated tenants, theavailable network bandwidth has to be fairly shared among VMs ofdifferent tenants. Fairness requires that when there is congestion orwhen there is extra available bandwidth, each flow to get a fair shareof the available bandwidth.

A. Network Views

In network virtualization there are two levels of views: physical viewand virtual view. FIG. 1 conceptually illustrates a physical networkview in some embodiments of the invention. The figure shows the physicalview abstraction for a datacenter that has VMs for multiple tenants. Asshown, Tenant 1 has three VMs 130, 135, and 145. Tenant 2 has two VMs140 and 150. The VMs 130-150 connect to the physical network 105 throughphysical links 160-165. To simplify the description, each VM 130-150 isassumed to have only one virtual network interface controller (VNIC)170. However, if a VM has multiple VNICs, the VM can be viewed asmultiple VMs, each with one VNIC.

As shown in the figure, each physical link can be shared by multipleVMs, which can belong to multiple tenants. A scheduler 120 between theVMs and the physical link is responsible for fairly sharing the networkbandwidth among the VMs.

FIG. 2 conceptually illustrates a virtual network view in someembodiments of the invention. The figure shows the virtual view of thesystem of FIG. 1 as a tenant sees. FIG. 2 shows a hose model in whichall VMs of a tenant appear to be connected to a single virtual switch.For instance, VMs 130, 135, and 145 of Tenant 1 appear to be connectedto virtual switch 205 while VMs 140 and 150 of tenant 2 appear to beconnected to virtual switch 210. The hose model provides quality ofservice (QoS) based on the aggregate network traffic per each networkendpoint (e.g., per tenant 130-150 shown in FIG. 2).

B. The Bandwidth Scheduler

The bandwidth scheduler is responsible for allocating a link's bandwidthamong active VM flows. The flow is defined as all the packets from asource VM to a destination VM. A flow's scheduling policy has threeparameters: reservation, limit, and share.

Reservation defines the minimum guaranteed bandwidth. The reservation isthe lower bound that is guaranteed even if the bandwidth is heavilyutilized. In some embodiments, provide admission control mechanisms toensure that the sum of the reservations for the bandwidth does notexceed the total capacity.

Limit is the maximum bandwidth that can be used even if more bandwidthis available. Limit is the upper bound on the bandwidth usage even ifthe bandwidth is under committed. A VM is prevented from using morebandwidth than the VM's bandwidth limit, even if that leaves somenetwork bandwidth unused.

Share is the weight used for allocating spare bandwidth. Share specifiesrelative importance. The share is expressed as an absolute value or apercentage. In addition to a VM's guaranteed bandwidth reservation, theVM is allowed to share the spare bandwidth (up to the VM's bandwidthlimit) as a fraction of the total shares when there is contention forthe bandwidth.

Some embodiments control the competition for bandwidth at the sourceside, since dropping packets at the source side instead of thedestination side saves physical bandwidth. The scheduler in someembodiments determines the competition at both the sending and receivingsides and uses the competition to control the bandwidth at the sendingside.

At the sending side, the scheduler detects the competition directly.FIG. 3 conceptually illustrates competition for sending packets in someembodiments of the invention. As shown in the example of FIG. 3, VM 301sends packets to VM 303 and 304, and VM 302 sends packets to VM 305. VM301 and VM 302 share the same physical link 310 and compete for thebandwidth at the sending side. The scheduler 315 at the sending sidedetects the competition between VM 301 and VM 302 directly. Details ofbandwidth calculation at the sending side are described further below.

The sending side scheduler, however, does not know how to allocate thereceiver side bandwidth since there could be other senders on otherhosts that send packets to the destination VM. Only the receiver knowshow to allocate the bandwidth at the receiving side. Some embodimentsprovide a feedback mechanism from the receiving side to notify thesending side when a competition happens. For instance, some embodimentsprovide a dedicated feedback packet to provide competition informationto the sending side. The feedback also carries calculated schedulinginformation. The receiver calculates the bandwidth allocation and sendsthe calculation results to the sender using the feedback packet. Detailsof bandwidth calculation at the receiving side are described furtherbelow.

FIG. 4 conceptually illustrates competition for receiving packets insome embodiments of the invention. As shown, VM 404 receives packetsfrom VM 401 through physical link 410 and from VM 402 through physicallink 415. VM 405 receives packets from VM 403 through physical link 415.There is competition at VM 404 to receive packets from VMs 401 and 402.The virtualization software on the VM 404 host calculates bandwidthallocations and sends feedback to schedulers 420 and 425 at bothphysical links 410 and 415. In some embodiments, when the competitioncontinues, feedback packets are sent periodically.

After receiving the feedback, the sending side schedulers slow down ofthe traffic (if necessary) from VMs 401 and 402 to VM 404. If there isno feedback for a while, the sending speed is gradually increased. Thespeed adjustment takes the previously received feedback information intoaccount. Some embodiments utilize a weighted version of TCP congestioncontrol mechanism to control the rate and share the extra sparebandwidth among the active VMs. For instance, the unallocated bandwidthor the bandwidth that is reserved for some VMs but is currently unusedis borrowed and is distributed among the active VMs based on the sharesspecified in their network policies.

II. Controller Based Sharing of Network Policies

Some embodiments utilize a controller-based network sharing approach toshare bandwidth among VMs. A centralized controller (or a centralizedcluster of controllers) is used in some embodiments to distribute VMs'network policies. Some embodiments calculate flow's scheduling policybased on active peers' policies.

FIG. 5 conceptually illustrates a central controller for receiving anddistributing virtual machines network policies in some embodiments ofthe invention. The figure shows several hosts 501-503. Thevirtualization software (or hypervisor) 511-513 on each host includes ascheduler 560. The schedulers 560 located between the VMs 530 and thephysical links 580 are responsible for allocating the network bandwidthamong VMs. the physical links 580 connect the hosts 501-503 to aphysical network 570.

Each virtualization software has a dedicated connection to a centralizedcontroller 565, which is used for exchanging information regarding VMsnetwork policies. Although a single node 565 is shown in FIG. 5 forsimplicity, the centralized network policy distribution controller insome embodiments is a cluster (or a set) of controllers. The use of acluster of controller provides, e.g., reliability and allows loadbalancing among the controllers in the cluster.

In some embodiments, network policy distribution controller isimplemented on a set of physical devices. Each physical device includesa set of processing units, a set of machine readable media that areexecutable by the processing units, and storage.

A. Sending VM Network Policies to the Controller

In some embodiments, the network policy distribution controller receivesVMs network policies during the VM deployment. In other embodiments, thecontroller collects the VMs' network policies from each virtualizationsoftware. FIG. 6 conceptually illustrates sending virtual machines'network policies to a central controller in some embodiments of theinvention. As shown, the system includes several hosts 601-602 withvirtualization software 630.

At the time of the deployment of a VM (e.g., when a configured VM ispowered on and becomes active or when a VM is moved from one host toanother host) the VM network configuration is sent to the host'svirtualization software. A portion of the VM network policy (i.e., theVM's bandwidth reservation, bandwidth limit, and bandwidth share) issent to the controller 610. The VM bandwidth reservation is the minimumbandwidth that is guaranteed for the VM. The VM bandwidth limit is themaximum bandwidth that the VM can use. The VM bandwidth share is theweight used for allocating additional bandwidth (over the guaranteedreservation) to the VM when spare bandwidth is divided among active VMs.

Different embodiments configure and deploy VMs differently. As shown inFIG. 6, the compute manager 640 configures the VMs 615-625. In someembodiments, the compute manager also configures VM's networkconnections through the network manager 605. In these embodiments, thecompute manager controls the management and modification of virtualswitches, virtual ports, etc. In other embodiments, the network managercontrols the management and modification of these entities. Networkmanager 605 and compute manger 640 are software that function asservers, are deployed as appliances, and may reside on physical orvirtual computer systems (not shown). As with controller 610, networkmanager 605 and compute manager 640 may be provided as individualservers or as clusters of servers to provide scalability, fail-over, andload balancing capability.

The compute manager 640 is a component of the SDDC that is used tocreate and configure computing resources such as the VMs and the storagein the SDDC. In some embodiments, network manager is a part of thecompute manager while in other embodiments, the compute and networkmanagers are separate entities. In either case, when the compute managerdeploys a VM, the VM network policy (i.e., the bandwidth reservation,bandwidth limit, and bandwidth share) is sent to the controller. Inaddition, Open Systems Interconnection (OSI) model Layer 2 (L2) andLayer 3 (L3) connection information of the VM (e.g., the virtualswitches or virtual routers that the VMs are connected to) is sent tothe controller.

FIG. 7 conceptually illustrates a central controller receiving virtualmachines' network policies from hosts' virtualization software in someembodiments of the invention. The configuration and deployment of VMs615-625 by the compute manager 740 and network manager 705 in FIG. 7 issimilar to the embodiments described by reference to FIG. 6. However, inFIG. 7, the controller 610 receives the VM network policies fromvirtualization software 730 in each host 701-702. For instance, thevirtualization software 730 in each host is configured to send a copy ofa VM's network policies and VM's L2 and L3 connection information to thecontroller 610 when the virtualization software activates the VM.

B. Distribution of VM Network Policies

The controller in some embodiments uses a reactive query model todistribute VMs network policies to hypervisors. In other embodiments,the controller uses a proactive push model to distribute the policies.In query model, when a VM on a host starts communicating with a newpeer, the virtualization software on the host queries the peer's policyfrom the controller and stores the policy (e.g., in cache). In someembodiments, when the communication with a peer idles for apredetermined period, the peer's policy is deleted from the host storage(e.g., is removed from the cache), by a timeout mechanism. In the pushmodel, the controller sends the policies of potential peers tovirtualization software in advance. These policies in some embodimentsnever expire.

FIG. 8 conceptually illustrates a process 800 for on demand sending ofpeer network policies to virtualization software in some embodiments ofthe invention. Process 800 is performed by virtualization software insome embodiments. As shown, the process determines (at 805) whether a VMrequires communicating with a new peer. If not, the process uses (at810) the existing policies for allocating bandwidth for the ongoingcommunication flows. The process then returns to 805, which wasdescribed above.

Otherwise, the requests (at 815) the controller for a copy of the peer'snetwork policies. The polices in some embodiments include bandwidthreservation, limit, and share for the peer VM. The process then receives(at 820) the peer's network policies from the controller. The processthen allocates (at 825) bandwidth for communication between the VM andthe peer and adjusts the bandwidth for other communication flows usingthe list policies stored at the virtualization software. Details ofallocating bandwidth using the VM policies are described further below.

The process then determines (at 830) whether communication between theVM and the peer is idle for a pre-determined period of time. If not, theprocess proceeds to 805, which was described above. Otherwise, theprocess removes (at 835) the peer's policy from the list of policiessaved at the virtualization software. The process then updates (at 840)the bandwidth allocation for the ongoing flows. The process thenproceeds to 805, which was described above.

Other embodiments use a proactive push model to distribute VMs policies.The advantage of the proactive push model is when a new flow isinitiated (i.e., when two VMs start communicating), no delay is causedby a query to get the peer's policy. However, the controller has todetermine the set of potential peers for each VM on a host in order topush the peers' policy to the appropriate virtualization software. Asimple solution would be to push all policies to every host'svirtualization software. However, this solution would cause extensiveoverhead in a SDDC with thousands of hosts.

The set of potential peers can be reduced based on the fact that a VMonly communicates with other VMs connected to the same virtual switch.In some embodiments, the virtualization software includes a physicalforwarding element (PFE) such as a virtual switch. In the virtualizationfield, some refer to software switches as virtual switches as these aresoftware elements. However, in this specification, the softwareforwarding elements are referred to as physical forwarding elements(PFEs), in order to distinguish them from logical forwarding elements(LFEs), which are logical constructs that are not tied to the physicalworld. In other words, the software forwarding elements are referred toas PFEs because they exist and operate in the physical world, whereasLFEs are a logical representation of a forwarding element that ispresented to a user when designing a logical network. In someembodiments, several PFEs are distributed throughout the networkimplement tenant's LFEs, where each PFE is a local instantiation of anLFE that operate across different host machines and can perform L3packet forwarding between VMs on the host machine or on different hostmachines. An LFE is sometimes referred to as a virtual distributedswitch (VDS).

The set of peers of a VM includes all VMs that are connected to the sameLFEs or PFEs as the VM. For VMs connected to other LFEs or PFEs, thetraffic needs to go through a virtual gateway. The virtual gateway hasits own policy to shape the traffic across the layer 2 boundary. Thecontroller, therefore, requires to only handle internal traffic. Thelist of LFE and PFEs that VMs are connected to are sent to thecontroller as the VMs' L2 connection information as described byreference to FIGS. 6-7 above.

The controller, therefore, only needs to push the policies of those VMsthat connect to the same LFEs/PFEs. A host's virtualization software canhold multiple VMs connecting to different virtual switches. Thecontroller has to push the policies of all VMs of these switches.

FIG. 9 conceptually illustrates a process 900 for proactive sending ofpeer network policies to virtualization software in some embodiments ofthe invention. Process 900 in some embodiments is performed by thecontroller. As shown, the process determines (at 905) whether a new VMis powered up at a host or is transferred to the host. If not, theprocess back to 905 (e.g., after a predetermined delay). Otherwise, theprocess identifies (at 910) the physical or logical forwarding elementsthat the VM is connected to.

The process then identifies (at 915) all other VMs on any hosts that areconnected to the identified PFEs or LFEs. These are all VMs that canpotentially communicate with the new VM. For instance, as described byreference to FIGS. 6 and 7 above, the controller 610 receives L2 and L3connection information of the VMs (e.g., the virtual switches or virtualrouters that the VMs are connected to) from the network manager 605 (asdescribed by reference to FIG. 6) or from the virtualization software730 of each host (as described by reference to FIG. 7).

The process then sends (at 920) the network policies of each identifiedVM to the virtualization software of the new VM if the virtualization ofthe new VM has not already received the VM's policies. The process thensends (at 925) the network policies of the new VM to the virtualizationsoftware of each identified VM if the virtualization software of theidentified VM has not already received the new VM's policies. Theprocess then proceeds to 905, which was described above.

C. Distribution of VM Network Policies in a Virtual Distributed RouterDomain

Some embodiments utilize a virtual distributed router (VDR). A VDRintroduces one-hop routing that enables a packet to be sent to a VM ofanother LFE or PFE directly, without going through a gateway. FIG. 10conceptually illustrates a logical view of a network with a virtualdistributed router in some embodiments of the invention. As shown, a setof VMs 1030-1040 is connected to a first forwarding element (i.e., anLFE or a PFE) 1080. Another set of VMs 1045-1050 is connected to asecond forwarding element 1085.

The figure shows the one-hop traffic. Logical forwarding elements 1080and 1085 connect to a VDR 1090. The VDR in some embodiments isimplemented by including a local instantiation of the VDR in eachvirtualization software that connects to the VDR. At the data path, theVDR instance on each virtualization software forwards the traffic from alocal VM to a remote VM of another virtual switch directly without goingthrough a gateway.

As there is no gateway on the data path to do the traffic control, thebandwidth control has to be performed by each host virtualizationsoftware. In order for to calculate the flow policy based on the sourceVM and destination VM's policies, the controller has to send a widerrange of policies to the virtualization software. A VDR domain isdefined to contain all virtual switches connected to the VDR. For everyVM pair within the domain, their traffic can reach each other directly.The controller, therefore, has to push the policies of all VMs belongingto a VDR domain. The information regarding the VDRs that VMs areconnected to is sent to the controller as the VMs' L3 connectioninformation as described by reference to FIGS. 6-7 above.

FIG. 11 conceptually illustrates a process 1100 for a push model to sendnetwork policies to virtualization software in a system with a virtualdistributed router in some embodiments of the invention. As shown, theprocess determines (at 1105) whether a new VM that is connected to a VDRis powered up at a host or is transferred to the host from another host.If not, the process proceeds back to 1105 (e.g., after a predetermineddelay).

Otherwise, the process identifies (at 1110) all PFEs and LFEs that areconnected to the VDR. The process then identifies (1115) all other VMsthat are connected to the identified PFEs and LFEs. The process thensends (at 1120) the network policies of each identified VM to thevirtualization software of the new VM if the virtualization of the newVM has not already received the VM's policies. The process then sends(at 1125) the network policies of the new VM to the virtualizationsoftware of each identified VM if the virtualization software of theidentified VM has not already received the new VM's policies. Theprocess then proceeds to 1105, which was described above.

In alternative embodiments, the VDR's network policy is used as the flowpolicy for the traffic flow between the VMs. Because the VDR includes anumber of instances on each hypervisor instead of a central node, theVDR network policy has to be distributed to each virtualization softwareusing the controller. Currently the routing information has beendispatched using the controller. The flow policies have to be added tothe dispatching process.

III. Flow Policy Calculation with Run-Time Information

The flow policy used to allocate bandwidth to the data flow between twoVMs is derived from the two VMs' policies. The flow's policy iscalculated based on active peers by taking the active peers' policies inaccount. To calculate the accurate data for the scheduler, run-timeinformation including the number of active VMs and periodic statisticaldata is required. Feedback packets sent by destination virtualizationsoftware to the source virtualization software are used to determine thenumber of active VMs. The feedback mechanism provides the periodicalstatistical data. The run-time information is used to calculate thebandwidth allocation. A flow's policy includes reservation, share andlimit, which are calculated as described below.

A. Calculation of Bandwidth Reservation for Traffic Flow Between Two VMs

The sending side calculates the flow's reservation as follows. Assumingthat a source VM, s, is sending packets to a destination VM set, d. Thereservation of s is R_(s) and the reservation of each destination VM ofdεD (i.e., destination d belongs to the set of destinations D) is R_(d).Then the reservation of the flow between VM s and VM d is:

$R_{s - d}^{s} = {R_{s} \times \frac{R_{d}}{\sum\limits_{i \in D}R_{i}}}$

At the receiving side, assuming that a destination VM d is receivingpackets from a source VM set s, the reservation of VM d is R_(d) and thereservation of sεS is R_(s). Then the reservation of the flow between sand d is:

$R_{s - d}^{d} = {R_{d} \times \frac{R_{s}}{\sum\limits_{i \in S}R_{i}}}$

Now both the sending and receiving sides calculate a flow reservation.The sending side is egress reservation and the receiving side is ingressreservation. The receiving side sends the result to the sending side viathe feedback packet. Then the sending side chooses a smaller one as thefinal reservation for the flow:

R _(s-d)=min(R _(s-d) ^(s) ,R _(s-d) ^(d))

FIG. 12 conceptually illustrates a process 1200 for calculatingbandwidth reservation for flow between two virtual machines in someembodiments of the invention. Process 1200 is performed in someembodiments by the virtualization software of the source VM. As shown,the process calculates (at 1205) the bandwidth reservation of the flowbetween a source VM, s, and a destination VM, d. The bandwidth iscalculated as the reservation of s multiplied by the reservation of d,divided by the sum of the reservation of all active destinations thatare communicating with VM s (i.e., the reservation of all active peersof VM s). In other words, the reservation (or minimum guaranteedbandwidth) of VM s is proportionally divided for the flow between VM sand each active peer of VM s.

The process then receives (at 1210) the bandwidth reservation of theflow between s and d from the virtualization software of thedestination. The bandwidth is calculated by the virtualization softwareof the destination as the reservation of d multiplied by the reservationof s divided by the sum of the reservation of all active source VMs thatare sending packets to VM d (i.e., the reservation of all active peersof VM d). In other words, the reservation (or minimum guaranteedbandwidth) of VM d is proportionally divided for the flow between VM sand each active peer of VM d.

The process then calculates (at 1215) the reservation of the flowbetween VM s and VM d as the minimum of the reservation of VM scalculated at the source and the reservation of VM d calculated at thedestination. The process then calculates (at 1220) the rate (i.e., theactual bandwidth to use) for the flow between VM s and VM d as:

B _(s-d)=max(R _(s-d) ,R _(w-TCP))

where B_(s-d) is the rate for the flow between VM s and VM d andR_(w-TCP) is the rate calculated by using a weighted TCP-like algorithm.The process then exits.

B. Calculation of Bandwidth Limit for Traffic Flow Between Two VMs

The sending side calculates the flow's limit (i.e., the maximumbandwidth that can be used for the flow) as follows. Assuming that asource VM s is sending packets to a destination VM set d. The limit of sis L_(s) and the limit of each destination VM of dεD (i.e., destinationd belongs to the set of destinations D) is L_(d). Then the limit of theflow between VM s and VM d is:

$L_{s - d}^{s} = {L_{s} \times \frac{L_{d}}{\sum\limits_{i \in D}L_{i}}}$

At the receiving side, assuming that a destination VM d is receivingpackets from a source VM set s, the limit of VM d is L_(d) and the limitof sεS is L_(s). Then the limit of the flow between s and d is:

$L_{s - d}^{d} = {L_{d} \times \frac{L_{s}}{\sum\limits_{i \in S}L_{i}}}$

Both the sending and receiving sides calculate a flow limit. The sendingside is egress limit and the receiving side is ingress limit. Thereceiving side sends the result to the sending side via the feedbackpacket. Then the sending side chooses a smaller one as the final limitfor the flow:

L _(s-d)=min(L _(s-d) ^(s) ,L _(s-d) ^(d))

FIG. 13 conceptually illustrates a process 1300 for calculatingbandwidth limit for flow between two virtual machines in someembodiments of the invention. Process 1300 is performed in someembodiments by the virtualization software of the source VM. As shown,the process calculates (at 1305) the bandwidth limit of the flow betweena source VM, s, and a destination VM, d. The bandwidth limit iscalculated as the limit of s multiplied by the limit of d, divided bythe sum of the limit of all active destinations that are communicatingwith VM s (i.e., the bandwidth limit of all active peers of VM s). Inother words, the limit (or maximum allowed bandwidth) of VM s isproportionally divided for the flow between VM s and each active peer ofVM s.

The process then receives (at 1310) the bandwidth limit of the flowbetween s and d from the virtualization software of the destination. Thebandwidth limit is calculated by the virtualization software of thedestination as the limit of d multiplied by the limit of s divided bythe sum of the limit of all active source VMs that are sending packetsto VM d (i.e., the limit of all active peers of VM d). In other words,the limit (or maximum allowed bandwidth) of VM d is proportionallydivided for the flow between VM s and each active peer of VM d.

The process then calculates (at 1315) the limit of the flow between VM sand VM d as the minimum of the limit of VM s calculated at the sourceand the limit of VM d calculated at the destination. The process thenexits.

C. Calculation of Bandwidth Share for Traffic Flow Between Two VMs

The sending side calculates the flow's share (i.e., the weight used tocalculate the share of spare bandwidth that can be allocated to theflow) as follows. Assuming that a source VM s is sending packets to adestination VM set d. The share of s is S_(s) and the share of eachdestination VM of dεD (i.e., destination d belongs to the set ofdestinations D) is S_(d). Then the share of the flow between VM s and VMd is:

$S_{s - d}^{s} = {S_{s} \times \frac{S_{d}}{\sum\limits_{i \in D}S_{i}}}$

At the receiving side, assuming that a destination VM d is receivingpackets from a source VM set s, the share of VM d is L_(d) and the shareof sεS is S_(s). Then the share of the flow between s and d is:

$S_{s - d}^{d} = {S_{d} \times \frac{S_{s}}{\sum\limits_{i \in S}S_{i}}}$

Both the sending and receiving sides calculate a share for the flow. Thesending side is egress share and the receiving side is ingress share.The receiving side sends the result to the sending side via the feedbackpacket. Then the sending side chooses a smaller one as the final sharefor the flow:

S _(s-d)=min(S _(s-d) ^(s) ,S _(s-d) ^(d))

FIG. 14 conceptually illustrates a process 1400 for calculating sharefor the flow between two virtual machines in some embodiments of theinvention. Process 1400 is performed in some embodiments by thevirtualization software of the source VM. As shown, the processcalculates (at 1405) the share of the flow between a source VM, s, and adestination VM, d. The share is calculated as the share of s multipliedby the share of d, divided by the sum of the share of all activedestinations that are communicating with VM s (i.e., the share of allactive peers of VM s). In other words, the share (or the weight used tocalculate the spare bandwidth) of VM s is proportionally divided for theflow between VM s and each active peer of VM s.

The process then receives (at 1410) the share of the flow between s andd from the virtualization software of the destination. The share iscalculated by the virtualization software of the destination as theshare of VM d multiplied by the share of VM s divided by the sum of theshare of all active source VMs that are sending packets to VM d (i.e.,the share of all active peers of VM d). In other words, the share (ormaximum allowed bandwidth) of VM d is proportionally divided for theflow between VM s and each active peer of VM d.

The process then allocates (at 1415) spare bandwidth among differentflows at the source using the share calculated at the source for VM sand the share for other active VMs at the source. The process then uses(at 1420) the share calculated at the destination to determine how toincrease or decrease speed to control the traffic congestion (e.g., byusing the share calculated at the destination in a congestion controlalgorithm). The process then exits.

IV. Electronic System

Many of the above-described features and applications are implemented assoftware processes that are specified as a set of instructions recordedon a computer readable storage medium (also referred to as computerreadable medium). When these instructions are executed by one or moreprocessing unit(s) (e.g., one or more processors, cores of processors,or other processing units), they cause the processing unit(s) to performthe actions indicated in the instructions. Examples of computer readablemedia include, but are not limited to, CD-ROMs, flash drives, RAM chips,hard drives, EPROMs, etc. The computer readable media does not includecarrier waves and electronic signals passing wirelessly or over wiredconnections.

In this specification, the term “software” is meant to include firmwareresiding in read-only memory or applications stored in magnetic storage,which can be read into memory for processing by a processor. Also, insome embodiments, multiple software inventions can be implemented assub-parts of a larger program while remaining distinct softwareinventions. In some embodiments, multiple software inventions can alsobe implemented as separate programs. Finally, any combination ofseparate programs that together implement a software invention describedhere is within the scope of the invention. In some embodiments, thesoftware programs, when installed to operate on one or more electronicsystems, define one or more specific machine implementations thatexecute and perform the operations of the software programs.

FIG. 15 conceptually illustrates an electronic system 1500 with whichsome embodiments of the invention are implemented. The electronic system1500 can be used to execute any of the control, virtualization, oroperating system applications described above. The electronic system1500 may be a computer (e.g., a desktop computer, personal computer,tablet computer, server computer, mainframe, a blade computer etc.),phone, PDA, or any other sort of electronic device. Such an electronicsystem includes various types of computer readable media and interfacesfor various other types of computer readable media. Electronic system1500 includes a bus 1505, processing unit(s) 1510, a system memory 1520,a read-only memory (ROM) 1530, a permanent storage device 1535, inputdevices 1540, and output devices 1545.

The bus 1505 collectively represents all system, peripheral, and chipsetbuses that communicatively connect the numerous internal devices of theelectronic system 1500. For instance, the bus 1505 communicativelyconnects the processing unit(s) 1510 with the read-only memory 1530, thesystem memory 1520, and the permanent storage device 1535.

From these various memory units, the processing unit(s) 1510 retrieveinstructions to execute and data to process in order to execute theprocesses of the invention. The processing unit(s) may be a singleprocessor or a multi-core processor in different embodiments.

The read-only-memory 1530 stores static data and instructions that areneeded by the processing unit(s) 1510 and other modules of theelectronic system. The permanent storage device 1535, on the other hand,is a read-and-write memory device. This device is a non-volatile memoryunit that stores instructions and data even when the electronic system1500 is off. Some embodiments of the invention use a mass-storage device(such as a magnetic or optical disk and its corresponding disk drive) asthe permanent storage device 1535.

Other embodiments use a removable storage device (such as a floppy disk,flash drive, etc.) as the permanent storage device. Like the permanentstorage device 1535, the system memory 1520 is a read-and-write memorydevice. However, unlike storage device 1535, the system memory is avolatile read-and-write memory, such a random access memory. The systemmemory stores some of the instructions and data that the processor needsat runtime. In some embodiments, the invention's processes are stored inthe system memory 1520, the permanent storage device 1535, and/or theread-only memory 1530. From these various memory units, the processingunit(s) 1510 retrieve instructions to execute and data to process inorder to execute the processes of some embodiments.

The bus 1505 also connects to the input and output devices 1540 and1545. The input devices enable the user to communicate information andselect commands to the electronic system. The input devices 1540 includealphanumeric keyboards and pointing devices (also called “cursor controldevices”). The output devices 1545 display images generated by theelectronic system. The output devices include printers and displaydevices, such as cathode ray tubes (CRT) or liquid crystal displays(LCD). Some embodiments include devices such as a touchscreen thatfunction as both input and output devices.

Finally, as shown in FIG. 15, bus 1505 also couples electronic system1500 to a network 1525 through a network adapter (not shown). In thismanner, the computer can be a part of a network of computers (such as alocal area network (“LAN”), a wide area network (“WAN”), or an Intranet,or a network of networks, such as the Internet. Any or all components ofelectronic system 1500 may be used in conjunction with the invention.

Some embodiments include electronic components, such as microprocessors,storage and memory that store computer program instructions in amachine-readable or computer-readable medium (alternatively referred toas computer-readable storage media, machine-readable media, ormachine-readable storage media). Some examples of such computer-readablemedia include RAM, ROM, read-only compact discs (CD-ROM), recordablecompact discs (CD-R), rewritable compact discs (CD-RW), read-onlydigital versatile discs (e.g., DVD-ROM, dual-layer DVD-ROM), a varietyof recordable/rewritable DVDs (e.g., DVD-RAM, DVD-RW, DVD+RW, etc.),flash memory (e.g., SD cards, mini-SD cards, micro-SD cards, etc.),magnetic and/or solid state hard drives, read-only and recordableBlu-Ray® discs, ultra density optical discs, any other optical ormagnetic media, and floppy disks. The computer-readable media may storea computer program that is executable by at least one processing unitand includes sets of instructions for performing various operations.Examples of computer programs or computer code include machine code,such as is produced by a compiler, and files including higher-level codethat are executed by a computer, an electronic component, or amicroprocessor using an interpreter.

While the above discussion primarily refers to microprocessor ormulti-core processors that execute software, some embodiments areperformed by one or more integrated circuits, such as applicationspecific integrated circuits (ASICs) or field programmable gate arrays(FPGAs). In some embodiments, such integrated circuits executeinstructions that are stored on the circuit itself.

As used in this specification, the terms “computer”, “server”,“processor”, and “memory” all refer to electronic or other technologicaldevices. These terms exclude people or groups of people. For thepurposes of the specification, the terms display or displaying meansdisplaying on an electronic device. As used in this specification, theterms “computer readable medium,” “computer readable media,” and“machine readable medium” are entirely restricted to tangible, physicalobjects that store information in a form that is readable by a computer.These terms exclude any wireless signals, wired download signals, andany other ephemeral or transitory signals.

While the invention has been described with reference to numerousspecific details, one of ordinary skill in the art will recognize thatthe invention can be embodied in other specific forms without departingfrom the spirit of the invention. In addition, a number of the figures(including FIGS. 8-9 and 11-14) conceptually illustrate processes. Thespecific operations of these processes may not be performed in the exactorder shown and described. The specific operations may not be performedin one continuous series of operations, and different specificoperations may be performed in different embodiments. Furthermore, theprocess could be implemented using several sub-processes, or as part ofa larger macro process.

This specification refers throughout to computational and networkenvironments that include virtual machines (VMs). However, virtualmachines are merely one example of data compute nodes (DCNs) or datacompute end nodes, also referred to as addressable nodes. DCNs mayinclude non-virtualized physical hosts, virtual machines, containersthat run on top of a host operating system without the need for ahypervisor or separate operating system, and hypervisor kernel networkinterface modules.

VMs, in some embodiments, operate with their own guest operating systemson a host using resources of the host virtualized by virtualizationsoftware (e.g., a hypervisor, virtual machine monitor, etc.). The tenant(i.e., the owner of the VM) can choose which applications to operate ontop of the guest operating system. Some containers, on the other hand,are constructs that run on top of a host operating system without theneed for a hypervisor or separate guest operating system. In someembodiments, the host operating system uses name spaces to isolate thecontainers from each other and therefore provides operating-system levelsegregation of the different groups of applications that operate withindifferent containers. This segregation is akin to the VM segregationthat is offered in hypervisor-virtualized environments that virtualizesystem hardware, and thus can be viewed as a form of virtualization thatisolates different groups of applications that operate in differentcontainers. Such containers are more lightweight than VMs.

Hypervisor kernel network interface modules, in some embodiments, is anon-VM DCN that includes a network stack with a hypervisor kernelnetwork interface and receive/transmit threads. One example of ahypervisor kernel network interface module is the vmknic module that ispart of the ESXi™ hypervisor of VMware, Inc.

One of ordinary skill in the art will recognize that while thespecification refers to VMs, the examples given could be any type ofDCNs, including physical hosts, VMs, non-VM containers, and hypervisorkernel network interface modules. In fact, the example networks couldinclude combinations of different types of DCNs in some embodiments.

In view of the foregoing, one of ordinary skill in the art wouldunderstand that the invention is not to be limited by the foregoingillustrative details, but rather is to be defined by the appendedclaims.

What is claimed is:
 1. A physical computing device operating in anetwork comprising a plurality of tenant virtual machines (VMs), each VMhosted on a host machine comprising a virtualization software, thephysical computing device configured to: receive network bandwidthallocation policies for the plurality of VMs; determine a set ofpotential communication peers for each VM; and send the networkbandwidth allocation policy of each VM to the virtualization software ofthe host machines of each potential communication peer of the VM.
 2. Thephysical computing device of claim 1, wherein the virtualizationsoftware of each host comprises a set of logical and physical forwardingelements, the physical computing device further configured to receiveinformation regarding the logical and physical forwarding elementsconnected to each VM, wherein determining the set of potentialcommunication peers of each particular VM comprises determining thepotential communication peers as the VMs that are connected to a samephysical or logical forwarding element as the particular VM.
 3. Thephysical computing device of claim 1, wherein a set of virtualizationsoftwares are connected to each other through a virtual distributedrouter connecting the set of virtualization software at an open systemsinterconnection (OSI) model Layer 3 (L3) level, wherein determining theset of potential communication peers of each particular VM comprisesdetermining the potential communication peers as the VMs that areconnected to the virtual distributed router.
 4. The physical computingdevice of claim 1, wherein the network bandwidth allocation policy ofeach VM comprises a bandwidth reservation specifying a minimumguaranteed bandwidth for the VM.
 5. The physical computing device ofclaim 1, wherein the network bandwidth allocation policy of each VMcomprises a bandwidth limit specifying a maximum allowed bandwidth forthe VM.
 6. The physical computing device of claim 1, wherein the networkbandwidth allocation policy of each VM comprises a bandwidth sharespecifying a weight for calculating a share of spare network bandwidthallocated to the VM.
 7. The physical computing device of claim 1,wherein the physical computing device receives network bandwidthallocation policies of the VMs at a time of activation of the VM.
 8. Anon-transitory machine readable medium storing a program fordistributing network bandwidth allocation policies in a networkcomprising a plurality of tenant virtual machines (VMs), each VM hostedon a host machine comprising a virtualization software, the programcomprising sets of instructions for: receiving network bandwidthallocation policies for the plurality of VMs; determining a set ofpotential communication peers for each VM; and sending the networkbandwidth allocation policy of each VM to the virtualization software ofthe host machines of each potential communication peer of the VM.
 9. Thenon-transitory machine readable medium of claim 8, wherein thevirtualization software of each host comprises a set of logical andphysical forwarding elements, the physical computing device furtherconfigured to receive information regarding the logical and physicalforwarding elements connected to each VM, wherein the set ofinstructions for determining the set of potential communication peers ofeach particular VM comprises a set of instructions for determining thepotential communication peers as the VMs that are connected to a samephysical or logical forwarding element as the particular VM.
 10. Thenon-transitory machine readable medium of claim 8, wherein a set ofvirtualization software are connected to each other through a virtualdistributed router connecting the set of virtualization software at anopen systems interconnection (OSI) model Layer 3 (L3) level, wherein theset of instructions for determining the set of potential communicationpeers of each particular VM comprises a set of instructions fordetermining the potential communication peers as the VMs that areconnected to the virtual distributed router.
 11. The non-transitorymachine readable medium of claim 8, wherein the network bandwidthallocation policy of each VM comprises a bandwidth reservationspecifying a minimum guaranteed bandwidth for the VM.
 12. Thenon-transitory machine readable medium of claim 8, wherein the networkbandwidth allocation policy of each VM comprises a bandwidth limitspecifying a maximum allowed bandwidth for the VM.
 13. Thenon-transitory machine readable medium of claim 8, wherein the networkbandwidth allocation policy of each VM comprises a bandwidth sharespecifying a weight for calculating a share of spare network bandwidthallocated to the VM.
 14. The non-transitory machine readable medium ofclaim 8, wherein the physical computing device receives networkbandwidth allocation policies of the VMs at a time of activation of theVM.
 15. A method of distributing network bandwidth allocation policiesin a network comprising a plurality of tenant virtual machines (VMs),each VM hosted on a host machine comprising a virtualization software,the method comprising: receiving network bandwidth allocation policiesfor the plurality of VMs; determining a set of potential communicationpeers for each VM; and sending the network bandwidth allocation policyof each VM to the virtualization software of the host machines of eachpotential communication peer of the VM.
 16. The method of claim 15,wherein the virtualization software of each host comprises a set oflogical and physical forwarding elements, the physical computing devicefurther configured to receive information regarding the logical andphysical forwarding elements connected to each VM, wherein the set ofinstructions for determining the set of potential communication peers ofeach particular VM comprises a set of instructions for determining thepotential communication peers as the VMs that are connected to a samephysical or logical forwarding element as the particular VM.
 17. Themethod of claim 15, wherein a set of virtualization software areconnected to each other through a virtual distributed router connectingthe set of virtualization software at an open systems interconnection(OSI) model Layer 3 (L3) level, wherein the set of instructions fordetermining the set of potential communication peers of each particularVM comprises a set of instructions for determining the potentialcommunication peers as the VMs that are connected to the virtualdistributed router.
 18. The method of claim 15, wherein the networkbandwidth allocation policy of each VM comprises a bandwidth reservationspecifying a minimum guaranteed bandwidth for the VM.
 19. The method ofclaim 15, wherein the network bandwidth allocation policy of each VMcomprises a bandwidth limit specifying a maximum allowed bandwidth forthe VM.
 20. The method of claim 15, wherein the network bandwidthallocation policy of each VM comprises a bandwidth share specifying aweight for calculating a share of spare network bandwidth allocated tothe VM.
 21. The method of claim 15, wherein the physical computingdevice receives network bandwidth allocation policies of the VMs at atime of activation of the VM.